Can not get the Auth Token for GData After Authentication on App Engine

Question

I would like to pull the Auth Token for the Gdata auth so that I can write to a google calendar. I am having issues getting the token after authentication so that I can send the token to the calendar service.

I am using the default login screen provided by appengine (/_ah/login) and I am able to login and authenticate, however, I am unable to pull the Auth Token out of the self.request.uri because the URL is being rewritten:

Example:

Login Screen Redirect from kiddushfund.appspot.com/admin https://www.google.com/accounts/ServiceLogin?service=ah&continue=http://appname.appspot.com/_ah/login%3Fcontinue%3Dhttp://appname.appspot.com/admin&ltmpl=gm&ahname=App+Name&sig=65e70293a754da54fe06ecbedbb59213

This is after authentication and the URL was pulled out of firebug http://appname.appspot.com/_ah/login?continue=http://appname.appspot.com/admin&auth=DQAAAL0AAAD9X_Noig8blUlg_KA02UbjgBC2yWl8XKXIVA3SI5ZQ7pJOyL4SyYPpKu5jOLAw0ol0rSUVBENBMmWC2DkH6sTxx3AlSF4UI_LcByDlacBV3Fy1At80h_ML97fLeu0LLQbgzuLxY_wTHBb5svkCVDOeVABFKf98qvZ62SGl0PrDTxs1P3lCF04ooDdFilDecGUoED6hbnjd9P7-6eqxOO9nrBCSk571uyWZCLIA-1I5f3Om_MqAIPmi_5mqLXOSv0I

This is the final URL after the authentication but I'm not able to pull the token anymore http://appname.appspot.com/admin

This seems like a really simple problem and any help would be appreciated. Thanks.

from google.appengine.ext.webapp.util import run_wsgi_app
from google.appengine.api import users
from google.appengine.ext import webapp

import atom
import settings
import os
import urllib
import urllib2
import cookielib

import gdata.service
import gdata.auth
import gdata.alt.appengine
import gdata.calendar
import gdata.calendar.service


class Auth(webapp.RequestHandler):
    def __init__(self):
        self.calendar_client = gdata.calendar.service.CalendarService()
        gdata.alt.appengine.run_on_appengine(self.calendar_client)

def get(self):
    user = users.get_current_user()
    if user:
        token_request_url = None
        auth_token = gdata.auth.extract_auth_sub_token_from_url(self.request.uri)

        if auth_token:
            self.calendar_client.SetAuthSubToken(self.calendar_client.upgrade_to_session_token(auth_token))

        if not isinstance(self.calendar_client.token_store.find_token(
                'http://www.google.com/calendar/feeds/'),gdata.auth.AuthSubToken):
                token_request_url = gdata.auth.generate_auth_sub_url(self.request.uri,
                ('http://www.google.com/calendar/feeds/default/',))

        #This is where I were I would look for the token but the self.request.url
        # is only return http://appname.appspot.admin - with no token.  
        self.response.out.write(self.request.uri)

    else:
        self.redirect(users.create_login_url(self.request.uri))



def main():
    application = webapp.WSGIApplication([('/.*', Auth),], debug=True)
    run_wsgi_app(application)

if __name__ == '__main__':
    main()

Answer 1

The login screen only authenticates the user to your application, it does not give you authorization to the user's gdata.

You will need to have the user authorize your use of the calendar api - I suggest through oauth here: http://code.google.com/apis/gdata/docs/auth/overview.html#OAuth.

You only need to do this once, and then store the oauth token for that user for all subsequent calls.

Answer 2

There are limitations about number of tokens outstanding - e.g. numbers of users possible. What about number of ClientLogin tokens outstanding?